Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:nuget/Microsoft.AspNetCore.Mvc.Cors@1.0.0
purl pkg:nuget/Microsoft.AspNetCore.Mvc.Cors@1.0.0
Next non-vulnerable version 1.0.6
Latest non-vulnerable version 1.1.6
Risk 4.0
Vulnerabilities affecting this package (5)
Vulnerability Summary Fixed by
VCID-axvm-3dh9-3kf6
Aliases:
CVE-2017-0247
GHSA-6xh7-4v2w-36q6
Improper Input Validation A denial of service vulnerability exists when the ASP.NET Core fails to properly validate web requests. NOTE: Microsoft has not commented on third-party claims that the issue is that the TextEncoder.EncodeCore function in the System.Text.Encodings.Web package in ASP.NET Core Mvc allows remote attackers to cause a denial of service by leveraging failure to properly calculate the length of 4-byte characters in the Unicode Non-Character range.
1.0.4
Affected by 1 other vulnerability.
1.1.3
Affected by 1 other vulnerability.
VCID-b2mg-kc6t-z7ht
Aliases:
CVE-2017-0256
GHSA-j8f4-2w4p-mhjc
Improper Input Validation A spoofing vulnerability exists when the ASP.NET Core fails to properly sanitize web requests.
1.0.4
Affected by 1 other vulnerability.
1.1.3
Affected by 1 other vulnerability.
VCID-bmf7-rsbm-3fb1
Aliases:
CVE-2017-8700
GHSA-3rp6-rjw4-cq39
Microsoft Security Advisory CVE-2017-8700: CORS bypass can enable Information Disclosure
1.0.6
Affected by 0 other vulnerabilities.
1.1.5
Affected by 1 other vulnerability.
1.1.6
Affected by 0 other vulnerabilities.
VCID-j4d8-wr24-63d3
Aliases:
CVE-2017-0248
GHSA-ch6p-4jcm-h8vh
Improper Certificate Validation Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an attacker to bypass Enhanced Security Usage taggings when they present a certificate that is invalid for a specific use, aka ".NET Security Feature Bypass Vulnerability."
1.0.4
Affected by 1 other vulnerability.
1.1.3
Affected by 1 other vulnerability.
VCID-mrpr-pw4n-bfae
Aliases:
CVE-2017-0249
GHSA-qhqf-ghgh-x2m4
Improper Input Validation An elevation of privilege vulnerability exists when the ASP.NET Core fails to properly sanitize web requests.
1.0.4
Affected by 1 other vulnerability.
1.1.3
Affected by 1 other vulnerability.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T21:49:04.267756+00:00 GitLab Importer Affected by VCID-bmf7-rsbm-3fb1 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.Mvc.Cors/CVE-2017-8700.yml 38.4.0
2026-04-16T20:48:45.265664+00:00 GitLab Importer Affected by VCID-mrpr-pw4n-bfae https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.Mvc.Cors/CVE-2017-0249.yml 38.4.0
2026-04-16T20:48:34.564914+00:00 GitLab Importer Affected by VCID-axvm-3dh9-3kf6 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.Mvc.Cors/CVE-2017-0247.yml 38.4.0
2026-04-16T20:48:14.049195+00:00 GitLab Importer Affected by VCID-b2mg-kc6t-z7ht https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.Mvc.Cors/CVE-2017-0256.yml 38.4.0
2026-04-16T20:48:08.920093+00:00 GitLab Importer Affected by VCID-j4d8-wr24-63d3 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.Mvc.Cors/CVE-2017-0248.yml 38.4.0
2026-04-11T23:05:04.583503+00:00 GitLab Importer Affected by VCID-bmf7-rsbm-3fb1 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.Mvc.Cors/CVE-2017-8700.yml 38.3.0
2026-04-11T21:59:40.873419+00:00 GitLab Importer Affected by VCID-mrpr-pw4n-bfae https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.Mvc.Cors/CVE-2017-0249.yml 38.3.0
2026-04-11T21:59:29.760670+00:00 GitLab Importer Affected by VCID-axvm-3dh9-3kf6 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.Mvc.Cors/CVE-2017-0247.yml 38.3.0
2026-04-11T21:59:05.536680+00:00 GitLab Importer Affected by VCID-b2mg-kc6t-z7ht https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.Mvc.Cors/CVE-2017-0256.yml 38.3.0
2026-04-11T21:59:00.764439+00:00 GitLab Importer Affected by VCID-j4d8-wr24-63d3 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.Mvc.Cors/CVE-2017-0248.yml 38.3.0
2026-04-04T14:30:01.419557+00:00 GHSA Importer Affected by VCID-bmf7-rsbm-3fb1 https://github.com/advisories/GHSA-3rp6-rjw4-cq39 38.1.0
2026-04-02T23:13:21.194531+00:00 GitLab Importer Affected by VCID-bmf7-rsbm-3fb1 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.Mvc.Cors/CVE-2017-8700.yml 38.1.0
2026-04-02T22:12:52.238017+00:00 GitLab Importer Affected by VCID-mrpr-pw4n-bfae https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.Mvc.Cors/CVE-2017-0249.yml 38.1.0
2026-04-02T22:12:41.124876+00:00 GitLab Importer Affected by VCID-axvm-3dh9-3kf6 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.Mvc.Cors/CVE-2017-0247.yml 38.1.0
2026-04-02T22:12:23.856703+00:00 GitLab Importer Affected by VCID-b2mg-kc6t-z7ht https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.Mvc.Cors/CVE-2017-0256.yml 38.1.0
2026-04-02T22:12:19.038548+00:00 GitLab Importer Affected by VCID-j4d8-wr24-63d3 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.Mvc.Cors/CVE-2017-0248.yml 38.1.0
2026-04-01T15:56:49.981073+00:00 GHSA Importer Affected by VCID-j4d8-wr24-63d3 https://github.com/advisories/GHSA-ch6p-4jcm-h8vh 38.0.0
2026-04-01T15:56:48.774635+00:00 GHSA Importer Affected by VCID-axvm-3dh9-3kf6 https://github.com/advisories/GHSA-6xh7-4v2w-36q6 38.0.0
2026-04-01T15:56:47.527703+00:00 GHSA Importer Affected by VCID-b2mg-kc6t-z7ht https://github.com/advisories/GHSA-j8f4-2w4p-mhjc 38.0.0
2026-04-01T15:56:46.568304+00:00 GHSA Importer Affected by VCID-mrpr-pw4n-bfae https://github.com/advisories/GHSA-qhqf-ghgh-x2m4 38.0.0
2026-04-01T12:50:18.897188+00:00 GitLab Importer Affected by VCID-bmf7-rsbm-3fb1 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.Mvc.Cors/CVE-2017-8700.yml 38.0.0
2026-04-01T12:48:02.650699+00:00 GitLab Importer Affected by VCID-mrpr-pw4n-bfae https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.Mvc.Cors/CVE-2017-0249.yml 38.0.0
2026-04-01T12:48:01.941663+00:00 GitLab Importer Affected by VCID-axvm-3dh9-3kf6 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.Mvc.Cors/CVE-2017-0247.yml 38.0.0
2026-04-01T12:48:00.722389+00:00 GitLab Importer Affected by VCID-b2mg-kc6t-z7ht https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.Mvc.Cors/CVE-2017-0256.yml 38.0.0
2026-04-01T12:48:00.311382+00:00 GitLab Importer Affected by VCID-j4d8-wr24-63d3 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.Mvc.Cors/CVE-2017-0248.yml 38.0.0
2026-04-01T12:38:29.153221+00:00 RetireDotNet Importer Affected by VCID-bmf7-rsbm-3fb1 https://github.com/RetireNet/Packages/blob/master/Content/2.json 38.0.0